If an allowed token is found to have a vulnerability, there is no way to remove it, which could harm the protocol
howlbot-integration opened this issue · 3 comments
howlbot-integration commented
Lines of code
Vulnerability details
Impact
There is no way to avoid harm from an allowed token which has been proved exploitable.
Proof of Concept
The owner of PrelaunchPoints has authority to add an allowed token, but can't remove it if one of the allowed tokens has been proved exploitable; this could harm the protocol.
function allowToken(address _token) external onlyAuthorized {
    isTokenAllowed[_token] = true;
}
Tools Used
Vscode
Recommended Mitigation Steps
Add a bool parameter to add/remove an allowed token
- function allowToken(address _token) external onlyAuthorized {
+ function allowToken(address _token, bool isAllowed) external onlyAuthorized {
- isTokenAllowed[_token] = true;
+ isTokenAllowed[_token] = isAllowed;
}
Assessed type
Access Control
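Review bot: On the added `isTokenAllowed[_token] = isAllowed;` line, one call now both lists and delists a token, so the name `allowToken` no longer describes what it does and a call with `false` changes the allowlist with nothing visible in this hunk to record it. Consider a name such as `setTokenAllowed` and emitting an event that carries `_token` and `isAllowed`, so allowlist changes can be monitored off-chain. The hunk also does not say what should happen to balances of a token that users already deposited when its flag is flipped to `false`; the reply below points out that disallowed tokens can be withdrawn by the owner, so that interaction should be documented or handled before a removal path is added.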
0xd4n1el commented
This poses a security risk in case of a malicious owner, since disallowedTokens can be withdrawn by the owner
c4-judge commented
koolexcrypto marked the issue as unsatisfactory:
Invalid